def test_can_add_video(self): user = self.user team = self.team # Policy: members. team.video_policy = Team.VP_MEMBER team.save() for r in [ROLE_CONTRIBUTOR, ROLE_MANAGER, ROLE_ADMIN, ROLE_OWNER]: with self.role(r): self.assertTrue(can_add_video(team, user)) self.assertFalse(can_add_video(team, self.outsider)) # Policy: managers. team.video_policy = Team.VP_MANAGER team.save() for r in [ROLE_MANAGER, ROLE_ADMIN, ROLE_OWNER]: with self.role(r): self.assertTrue(can_add_video(team, user)) with self.role(ROLE_CONTRIBUTOR): self.assertFalse(can_add_video(team, user)) self.assertFalse(can_add_video(team, self.outsider)) # Make sure narrowings are taken into account. with self.role(ROLE_MANAGER, self.test_project): self.assertFalse(can_add_video(team, user)) self.assertTrue( can_add_video(team, user, project=self.test_project)) # Policy: admins. team.video_policy = Team.VP_ADMIN team.save() for r in [ROLE_ADMIN, ROLE_OWNER]: with self.role(r): self.assertTrue(can_add_video(team, user)) for r in [ROLE_CONTRIBUTOR, ROLE_MANAGER]: with self.role(r): self.assertFalse(can_add_video(team, user)) self.assertFalse(can_add_video(team, self.outsider))
def check_save_permissions(self, serializer): team = serializer.validated_data.get('team') project = serializer.validated_data.get('project') if serializer.will_add_video_to_team(): if not team_perms.can_add_video(team, self.request.user, project): raise PermissionDenied() if serializer.instance: self.check_update_permissions(serializer)
def test_save_role(self): owner = self.owner member_account = UserFactory(username='******', password='******') member = TeamMemberFactory(team=self.team, user=member_account, role=TeamMember.ROLE_CONTRIBUTOR) tv = self.project_video video_url = reverse("videos:video", args=(tv.video.video_id, )) owner.user.set_password("hey") owner.user.save() self.team.is_visible = False self.team.save() resp = self.client.get(video_url, follow=True) self.assertNotEqual(resp.status_code, 200) self.team.video_policy = Team.VP_MEMBER self.task_assign_policy = 10 self.team.save() self.assertTrue(can_add_video(self.team, member.user)) self.assertTrue(can_add_video_somewhere(self.team, member.user)) self.assertTrue(can_view_tasks_tab(self.team, member.user)) self.assertTrue(can_create_and_edit_subtitles(member.user, tv)) self.assertTrue(can_create_and_edit_translations(member.user, tv)) self.assertFalse(can_view_settings_tab(self.team, member.user)) self.save_role(member, owner, ROLE_ADMIN) self.assertTrue(can_add_video_somewhere(self.team, member.user)) self.assertTrue(can_view_tasks_tab(self.team, member.user)) self.assertTrue(can_create_and_edit_subtitles(member.user, tv)) self.assertTrue(can_create_and_edit_translations(member.user, tv)) self.assertTrue(can_view_settings_tab(self.team, member.user)) self.save_role(member, owner, ROLE_CONTRIBUTOR) self.assertFalse(can_view_settings_tab(self.team, member.user)) self.assertTrue(can_add_video_somewhere(self.team, member.user)) self.assertTrue(can_view_tasks_tab(self.team, member.user)) self.assertTrue(can_create_and_edit_subtitles(member.user, tv)) self.assertTrue(can_create_and_edit_translations(member.user, tv)) self.client.login(username=member.user.username, password="******") resp = self.client.get(video_url, follow=True) self.assertEqual(resp.status_code, 200)
def clean(self): team_video = self.cleaned_data.get('team_video') team = self.cleaned_data.get('team') project = self.cleaned_data.get('project') if not team_video or not team: return if project and project.team != team: raise forms.ValidationError( u"That project does not belong to that team.") if team_video.team.pk == team.pk: raise forms.ValidationError(u"That video is already in that team.") if not can_add_video(team, self.user): raise forms.ValidationError(u"You can't add videos to that team.") if not can_remove_video(team_video, self.user): raise forms.ValidationError( u"You can't remove that video from its team.") return self.cleaned_data
def import_videos_from_feeds(urls, user_id=None, team_id=None): from teams.permissions import can_add_video from teams.models import Team try: user = User.objects.get(id=user_id) except ObjectDoesNotExist: user = None team = None if user is not None: try: team = Team.objects.get(id=team_id) if not can_add_video(team, user): team = None except Team.DoesNotExist: pass video_count = 0 for url in urls: importer = VideoImporter(url, user, team=team) importer.import_videos() _save_video_feed(url, importer.last_link, user) video_count += importer.video_count if user and video_count > 0: tasks.videos_imported_message.delay(user_id, video_count)
def __init__(self, team, user, *args, **kwargs): self.team = team self.user = user super(AddTeamVideoForm, self).__init__(*args, **kwargs) projects = self.team.project_set.all() if len(projects) > 1: projects = projects.exclude(slug='_root') self.fields['project'].queryset = projects ordered_projects = ([p for p in projects if p.is_default_project] + [p for p in projects if not p.is_default_project]) ordered_projects = [ p for p in ordered_projects if can_add_video(team, user, p) ] self.fields['project'].choices = [(p.pk, p) for p in ordered_projects] writable_langs = team.get_writable_langs() self.fields['language'].choices = [ c for c in get_language_choices(True) if c[0] in writable_langs ]
def __init__(self, team, user, *args, **kwargs): if not can_add_video(team, user): raise ValueError("%s can't add videos to %s" % (user, team)) self.team = team super(AddTeamVideosFromFeedForm, self).__init__(user, *args, **kwargs)